Shawn E. Tuma

Posts Tagged ‘Information security’

7 Strategies To Win the Cyber “Space Race” – Cybersecurity Policy Ideas for Trump Administration

In Cybersecurity Law on November 11, 2016 at 6:00 am

“To truly make America safe, we must make cybersecurity a major priority for both the government and the private sector.”  -Donald Trump

Taking a page from the “avoidance of disaster handbook,” the article below sets out 7 strategies that both your company (and the government of the United States) could pursue to better protect its networks, intellectual property and personally identifiable information. Yes, some of these strategies involve government funding, tax credits, or government involvement. But isn’t that the point of the cybersecurity race? We need to prove our cybersecurity and cyber defense is second to none.”

In 7 Strategies To Win the Cyber “Space Race”, well-respected cybersecurity thinker Paul Ferrillo (@PaulFerrillo) and I share some of our thoughts on how to win the Cyber “Space Race” based on recent examples we can all learn from as well as a few suggestions for cybersecurity policy that we would like to see from the new Trump Administration. For reference, here is President-Elect Trump’s vision for cybersecurity during his campaign.

Our purpose is to ignite a debate that will vet these ideas as well as lead to more ideas from other thought leaders who are willing to engage in this discussion along with us. Please, share your thoughts, whether good or bad,  in the comments to this post or to the article itself, via Twitter, LinkedIn, or the Cybersecurity Business Law Facebook Page.

Shawn Tuma Discusses IoT DDoS Attack Against Dyn on WHDT World News

In #IoT Internet of Things, Cyber Generally, Media on October 27, 2016 at 6:07 am

Why is Healthcare Data So Valuable to Cyber Criminals?

In Data Breach, Privacy on October 21, 2016 at 6:00 am

Healthcare data is one of the most desirable forms of data for cyber criminals to steal because its value on the cyber black market — the Dark Web — is much higher than most other forms of data. While there are several reasons for this, the recent study Your Life, Repackaged and Resold: The Deep Web Exploitation of Health Sector Breach Victims, concluded Read the rest of this entry »

Cybersecurity Legal Issues: What you really need to know (slides)

In Corporate Governance, Cyber Generally, Cybersecurity Law, Data Breach, Media, Privacy on September 14, 2016 at 8:46 pm

Shawn Tuma delivered the presentation Cybersecurity Legal Issues: What you really need to know at a Cybersecurity Summit sponsored by the Tarleton State University School of Criminology, Criminal Justice, and Strategic Studies’ Institute for Homeland Security, Cybercrime and International Criminal Justice. The presentation was on September 13, 2016 at the George Bush Institue. The following are the slides from Tuma’s presentation — a video of the presentation will be posted soon!

Read the rest of this entry »

Brazzers porn hack: more than just account holders exposed–what does this mean for your company?

In Cyber Generally, Cybersecurity Law, Data Breach, Digital Information Law, Privacy on September 7, 2016 at 8:06 am

hackedWe have been observing an evolution in hackers’ tactics from going after data that could be directly monetized, such as payment card data, to going after data that can be monetized indirectly through extortion, such as the Ashley Madison data. The hack of Brazzers porn site is similar to the Ashley Madison hack in that the real opportunity for monetization lies not in the intrinsic value of the data itself, but in the opportunity to use the data to embarrass and extort others into paying money to keep it secret.

The data dump from the hackers includes email addresses, user names and passwords spelled out in plain text, which can certainly Read the rest of this entry »

%d bloggers like this: